Описание
Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
Ссылки
- Vendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- Vendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:1.4:*:*:*:*:*:*:*
cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:1.5.19:*:*:*:*:*:*:*
cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.0.12:*:*:*:*:*:*:*
cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.0.16:*:*:*:*:*:*:*
cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.9:*:*:*:*:*:*:*
cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.10:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.47788
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 21 года назад
Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 a ...
github
почти 4 года назад
Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
EPSS
Процентиль: 98%
0.47788
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other